Lucene search

[email protected]NVD:CVE-2023-48712

HistoryNov 24, 2023 - 5:15 p.m.

CVE-2023-48712

2023-11-2417:15:08

CWE-863

[email protected]

web.nvd.nist.gov

warpgate

ssh

https

mysql

linux

privilege escalation

single-factor authentication

vulnerability

upgrade.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.3%

JSON

Warpgate is an open source SSH, HTTPS and MySQL bastion host for Linux. In affected versions there is a privilege escalation vulnerability through a non-admin user’s account. Limited users can impersonate another user’s account if only single-factor authentication is configured. If a user knows an admin username, opens the login screen and attempts to authenticate with an incorrect password they can subsequently enter a valid non-admin username and password they will be logged in as the admin user. All installations prior to version 0.9.0 are affected. All users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected configurations

Nvd

Node

warpgate_projectwarpgateRange≤0.8.1

VendorProductVersionCPE
warpgate_projectwarpgate*cpe:2.3:a:warpgate_project:warpgate:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
warpgate_project	warpgate	*	cpe:2.3:a:warpgate_project:warpgate::::::::

References

github.com/warp-tech/warpgate/commit/e3b26b2699257b9482dce2e9157bd9b5e05d9c76

github.com/warp-tech/warpgate/security/advisories/GHSA-c94j-vqr5-3mxr

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.3%

JSON

Related for NVD:CVE-2023-48712

cvelist1 prion1 osv1 cve1